Skip to content

Plans for Core_Events #5

Description

@szepeviktor
  • robots & errors in /wp-comments-post.php (as in block-bad-requests.inc)
  • non-attack 404:
    logsearch.sh -e wpf2b_404|sed -ne 's|.*wpf2b_404 (s:[0-9]\+:"\([^"]*\)";).*|\1|p'|grep -vx "/[a-z/-]\+/\|.*\.jpg"|sort
    • non-ascii post slugs
  • fake Googlebot, Referer: http://www.google.com
    grep -hi ' "[^"]*Googlebot[^"]*"$' /var/log/apache2/*access.log|grep -v "^66\.249\."
  • core: No filter for successful XMLRPC login in wp_authenticate()
  • write test.sh
  • robot requests not through /index.php (exclude: xmlrpc, trackback, see: wp_403())
  • append: http://plugins.svn.wordpress.org/block-bad-queries/trunk/block-bad-queries.php
  • option to immediately ban on non-WP scripts (.php$ .aspx?$)
  • new: invalid user during lost password
  • new: invalid "lost password" token
  • log xmlrpc? add_action( 'xmlrpc_call', function( $call ) { if ( 'pingback.ping' == $call ) {} } );
  • log proxy IP: HTTP_X_FORWARDED_FOR, HTTP_INCAP_CLIENT_IP, HTTP_CF_CONNECTING_IP backed by mod_remoteip
  • registration errors: the dirty way
    add_filter( 'login_errors', function ( $em ) { error_log( 'em:' . $em ); return $em; }, 0 );

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions